According to the website Wikipedia, HTTP is defined as follows –
The Hypertext Transfer Protocol HTTP is an application protocol for distributed, collaborative, hypermedia information systems
Which is entirely true however most of us will just recognise it as the way you start virtually every website when you type in the address. In reality it is the communications medium of the internet – it is based on a client-server model. The client is the browser (IE, Firefox etc) and the server is the web site that you’re trying to download. Requests are sent using HTTP to the server which responds and supplies the requested information if available. The clever bit about this communication medium is that it operates across all sorts of operating systems and computers – HTTP allows all sorts of devices and computers to communicate using a common protocol.
But if you read various websites that are concerned about privacy and anonymity online like this site – http://www.onlineanonymity.org/ , then you’d realise there’s an important issue with HTTP that we should all be aware of. The problem is that HTTP has no concept of security or privacy at all, in fact everything is exchanged in clear text. So anyone who views any communication across HTTP would be able to read all of it without problems.
So the websites you visit, any text you enter, account names, passwords and anything are all visible to anyone. There is of course a secure version of HTTP which is a little better – HTTPS is still not the most secure protocol but at least it provides some level of encryption and protection for communication.
But before you rush out and starting investing in relay, proxies and VPNs make sure you’re not comprimising security with these too. This video demonstrates some of the problems here too –
Although fundamentally using an SSH tunnel or VPN should increase your privacy, if it’s not set up and administered properly then this won’t be the case.